I have updated the editor's draft of the Access Control for Cross-site Requests specification to include support for HTTP headers as per my proposal earlier:
http://www.w3.org/mid/[EMAIL PROTECTED] http://dev.w3.org/2006/waf/access-control/ Nothing else has changed because no other changes have been proposed. I think we should be able to go to Last Call now. -- Anne van Kesteren <http://annevankesteren.nl/> <http://www.opera.com/>
